This invention is directed to a cryptographic method for discouraging the copying and sharing of purchased software programs by allowing an encrypted program to be run on only a designated computer or, alternatively, to be run on any computer but only by the user possessing a designated smart card.
With the proliferation of so-called micro computers or personal computers, there has been an explosion in the writing and publishing of software for these computers. The investment in time and capital in the development of a good software program can be substantial, and in order to recoup this investment, the authors, copyright owners and/or publishers must rely on royalties and the amortization of costs produced by the sale of the programs. Since programs are generally distributed on inexpensive floppy diskettes, the end user often does not appreciate the substantial costs in the production of the programs. Moreover, the disk operating systems of most micro computers feature a disk copy utility which enables the end user to easily make back up copies of program diskettes. The result has been a misuse of the utility to make unauthorized copies. For example, two or more potential end users desiring a program may pool their resources and buy one copy of the program and then duplicate both the program diskette and the copyrighted manual that accompanies the program diskette. As another example, a small business having several micro computers may buy a single copy of a program and then duplicate the program diskette and manual in order to distribute copies to each micro computer station in the company. Both of these examples are clear violations of the copyright laws, but searching out and prosecuting violators is often impossible. The net result is a substantial loss of revenues to software authors and publishers. These revenues are needed in order to finance the development of new and improved software programs as well as to provide a reasonable profit to those who produced the programs that are copied without authorization.
The problem of unauthorized copying and use of programs has been addressed by the prior art. U.S. Pat. No. 4,120,030 to Johnstone discloses a computer software security system wherein the data address portions of a set of computer instructions are scrambled in accordance with a predetermined cipher key before the instructions are loaded into an instruction memory. The data involved in the program is loaded into a separate data memory at the addresses specified in the original, unscrambled program. An unscrambler circuit, which operates in accordance with the cipher key, is coupled in series with the data memory address input conductors.
U.S. Pat. No. 4,168,396 to Best discloses a microprocessor for executing computer programs which have been enciphered during manufacture to deter the execution of the programs in unauthorized computers. U.S. Pat. No. 4,278,837 to Best discloses a crypto-microprocessor chip that uses a unique cipher key or tables for deciphering a program so that a program that can be executed in one chip cannot be run in any other microprocessor. U.S. Pat. No. 4,433,207 to Best discloses an integrated circuit decoder for providing micro computer users with access to several proprietary programs that have been distributed to users in cipher. The decoder chip can decipher a program if an enciphered key called a "permit code" is presented to the decoder chip.
U.S. Pat. No. 4,446,519 to Thomas discloses a method for providing security for computer software by providing each purchaser of a software package with an electronic security device which must be operatively connected to the purchaser's computer. The software sends coded interrogation signals to the electronic security device which processes the interrogation signals and transmits coded response signals to the software. The programs will not be executed unless the software recognizes the response signals according to preselected security criteria.
The various schemes disclosed by these patents require specialized and dedicated hardware for accomplishing the security feature. Generally, these schemes are cumbersome and expensive to implement and therefore not commercially acceptable. What is needed is a software protection scheme which is simple and inexpensive to implement avoiding the need for specialized and dedicated hardware and which is attractive to a large number of diverse software publishing houses.